package com.sky.interceptor;

import com.sky.constant.JwtClaimsConstant;
import com.sky.context.BaseContext;
import com.sky.properties.JwtProperties;
import com.sky.utils.JwtUtil;
import io.jsonwebtoken.Claims;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * jwt令牌校验的拦截器
 */
@Component
@Slf4j
public class JwtTokenUserInterceptor implements HandlerInterceptor {

    @Autowired
    private JwtProperties jwtProperties;

    /**
     * 校验jwt
     *
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //判断当前拦截到的是Controller的方法还是其他资源
        if (!(handler instanceof HandlerMethod)) {
            //当前拦截到的不是动态方法，直接放行
            return true;
        }

        //1、从请求头中获取令牌 , 程序和小程序端约定,后续所有请求 都应该使用请求头携带,
        // 请求头必须叫 authentication ,我们配置到配置文件中
        String token = request.getHeader(jwtProperties.getUserTokenName());

        //2、校验令牌
        try {
            log.info("jwt校验:{}", token);

            Claims claims = JwtUtil.parseJWT(jwtProperties.getUserSecretKey(), token);

            Long userID = Long.valueOf(claims.get(JwtClaimsConstant.USER_ID).toString());

            log.info("当前用户id：{}", userID);

            BaseContext.setCurrentId(userID); // 存入 ThreadLocal
            //3、通过，放行
            return true;
        } catch (Exception ex) {
            log.error("token校验失败：{}", ex.getMessage());
            //4、不通过，响应401状态码
            response.setStatus(401); // 说明: 401 行业规范,就是权限不足
            return false;
        }
    }


    // 所有拦截器执行完毕执行
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        BaseContext.removeCurrentId();// 用完后及时释放资源(因为线程是共享的)
    }
}
